CVE-2024-21575

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-21575

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21575.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-21575

Published

2024-12-12T15:15:12.733Z

Modified

2025-11-15T15:37:00.406843Z

Severity

9.2 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the image.filename field in a POST request sent to the /upload/temp endpoint added by the extension to the server. This results in writing arbitrary files to the file system which may, under some conditions, result in remote code execution (RCE).

References

Affected packages

Git / github.com/ltdrdata/comfyui-impact-pack

Affected ranges

Type: GIT
Repo: https://github.com/ltdrdata/comfyui-impact-pack
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a43dae373e648ae0f0cc0c9768c3cea6a72acff7

Affected versions

5.*

5.18.13

5.18.14

5.18.15

5.18.16

6.*

6.0

6.0.1

6.0.2

6.0.3

7.*

7.0

7.1

7.2.1

7.3

7.3.1

7.3.2

7.4.2

7.4.4

7.4.5

7.5

7.5.1

7.5.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-21575.json"